Office of the Chief Information Security Officer

Cyber-Risk and Data Privacy Governance Committee

In 2015, the UC Office of the President mandated that campuses take a number of steps to improve cybersecurity and strengthen our defenses against future cyberattacks. One element of the mandate was for each campus to develop a governance approach to consistently evaluate and reduce cyber risks across each campus. In response, the UCLA Cyber-Risk Planning Group was formed under the then Cyber-Risk Responsible Executive.

• Read more about the UCLA Cyber-Risk and Data Privacy Governance Committee

UCLA Policies & Standards

• UCLA Policy 401 - Minimum Security Controls
• UCLA Policy 404 - Encryption of Electronically Stored Personal Information
• UCLA Policy 420 : Breaches of Computerized Personal Information
• Routine Monitoring Statement
• Vulnerability Management Standard
  • Vulnerability Management Exception Request Form
• UCLA Policy Exception Request Form
  • UCLA Policy Exception Request Form Instructions
• UCLA Information Security Management Plan (UCLA login required)

See more UCLA Information Security Policies

UC Policies

• UCOP Electronic Communications Policy
• UCOP BFB-IS-3 Electronic Information Security
• UC Institutional Information and IT Resource Classification Standard
• UC Event Logging Standard

See more UC Information Security Policies